Kelly Benefits Data Breach Update: Now 263,893 People Affected

April 22, 2025 update: An amended data breach disclosure with the Maine Attorney General increases the number of people affected to 263,893 from 32,234.

On March 3, 2025, Kelly & Associates Insurance Group, Inc. (also known as Kelly Benefits) discovered a significant data breach affecting the personal and health information of 263,893 individuals across the United States. The company, a leading employee benefits consulting and insurance firm, reported that the breach exposed a wide range of sensitive data, including names, Social Security numbers, tax ID numbers, dates of birth, financial account information, medical information, and health insurance details. Both personally identifiable information (PII) and protected health information (PHI) were involved.

The impact of the breach varies by state. In Maine, 7,029 residents were affected; in Massachusetts, 158; in South Carolina, 197; and in New Hampshire, 15. The company began notifying affected individuals by written notice starting April 9, 2025, with additional notifications sent by April 21, 2025.

At this time, the specific method of the breach and the identity of those responsible have not been disclosed. However, the scope of the incident and the types of data involved make this a severe breach, as it includes both financial and health-related information.

Information exposed: names, Social Security numbers, tax ID numbers, dates of birth, financial account information, medical information, and health insurance information.

Kelly & Associates Insurance Group, Inc.'s response

After discovering the breach, Kelly Benefits took steps to investigate and contain the incident. The company notified the appropriate authorities in multiple states and at the federal level, demonstrating compliance with data breach notification laws.

Detailed information about the breach and resources for affected individuals have been made available on the Kelly Benefits data event page.

If you believe you may have been affected, it is important to remain vigilant. Consider taking the following steps:

• Review any correspondence from Kelly Benefits for instructions or resources offered to you.
• Monitor your financial accounts and credit reports for any unauthorized activity.
• Consider placing a fraud alert or credit freeze on your credit file with the major credit bureaus.
• Watch for suspicious emails, phone calls, or mail that could indicate identity theft attempts.

Kelly Benefits has provided written notice to affected individuals and is likely offering additional support, such as credit monitoring or identity protection services, as is common in breaches of this nature. For more information, you can review the official notice to the California Attorney General, notice to the Maine Attorney General, notice to the Massachusetts Attorney General, notice to the South Carolina Attorney General, notice to the New Hampshire Attorney General, and notice to the U.S. Department of Health and Human Services.